Configuring Logs In The Cs.cfg File - Red Hat CERTIFICATE SYSTEM 7.3 - ADMINISTRATION Administration Manual

• enabled . Select to enable; deselect to disable. Only enabled logs actually record events.
• level . Sets the log level. The choices are Debug, Information, Warning, Failure,
Misconfiguration, Catastrophe, and Security. The level field does not have a drop-down
list. It is a simple text field that needs to be filled in with one of the above categories. For more
information, see
• fileName . The full path, including the filename, to the file to write messages. The server should
have read/write permission to the file.
• bufferSize . The buffer size in kilobytes (KB) for the log. The default size is 512 KB. For more
information, see
this size, the contents of the buffer are flushed out and copied to the log file.
• flushInterval . The interval, in seconds, to flush the buffer to the file. The default interval is
5 seconds. The flushInterval is the amount of time before the contents of the buffer are
flushed out and added to the log file.
• maxFileSize . The file size in kilobytes (KB) for the error log. The default size is 100 KB. The
maxFileSize determines how large a log file can become before it is rotated. Once it reaches
this size, the file is copied to a rotated file, and the log file is started anew. For more information,
Section 3.9.5, "Log File
see
• rolloverInterval . Sets the frequency at which the server rotates the active error log file. The
available choices are hourly, daily, weekly, monthly, and yearly. The default selection is monthly.
For more information, see
The signed audit log has these additional settings:
• logSigning . Enables signed logging. When this parameter is enabled, provide a value for the
signedAuditCertNickname parameter. This feature means, the log can only be viewed by an
Section 3.9.1.6, "Signed Audit Log"
auditor. See
• signedAuditCertNickname . The nickname of the certificate used to sign audit logs. The
private key for this certificate must be accessible to the subsystem in order for it to sign the log.
• events . Specifies which events are logged to the audit log. Lists each event separated by a
comma with no spaces. Events can be removed from the list. See
Events"
for a complete list of auditable logging events.
5. Click OK.

3.9.7. Configuring Logs in the CS.cfg File

To modify the configuration settings for logs:
1. Stop the subsystem instance.
2. Open the CS.cfg file in the /var/lib/instance/conf directory.
3. To create a new log, copy all of the entries for either the system or transactions log. These are the
parameters that begin with log.instance.Transactions or log.instance.System. Paste
all entries at the bottom of the logging section and change the name of this instance by changing
the word Transactions or System in each parameter to the new name.
Section 3.9.3, "Log Levels (Message
Section 3.9.4, "Buffered Versus Unbuffered
Rotation".
Section 3.9.5, "Log File
Configuring Logs in the CS.cfg File
Categories)".
Logging". Once the buffer reaches
Rotation".
for more information about signed audit logs.
Table 3.11, "Signed Audit Log
83